/*
* firewall3 - 3rd OpenWrt UCI firewall implementation
*
- * Copyright (C) 2013-2014 Jo-Philipp Wich <jow@openwrt.org>
+ * Copyright (C) 2013-2014 Jo-Philipp Wich <jo@mein.io>
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
check_local(struct uci_element *e, struct fw3_redirect *redir,
struct fw3_state *state)
{
- struct fw3_zone *zone;
- struct fw3_device *net;
- struct fw3_address *addr, *tmp;
-
if (redir->target != FW3_FLAG_DNAT)
return false;
if (!redir->ip_redir.set)
redir->local = true;
- if (redir->local)
- return true;
-
- list_for_each_entry(zone, &state->zones, list)
- {
- list_for_each_entry(net, &zone->networks, list)
- {
- LIST_HEAD(addrs);
-
- fw3_ubus_address(&addrs, net->name);
- list_for_each_entry_safe(addr, tmp, &addrs, list)
- {
- if (!redir->local && compare_addr(&redir->ip_redir, addr)) {
- warn_elem(e, "refers to a destination address on this router, "
- "assuming port redirection");
-
- redir->local = true;
- }
-
- list_del(&addr->list);
- free(addr);
- }
-
- if (redir->local)
- return true;
- }
- }
-
- return false;
+ return redir->local;
}
void
else
{
set(redir->_src->flags, FW3_FAMILY_V4, redir->target);
- redir->_src->conntrack = true;
valid = true;
if (!check_local(e, redir, state) && !redir->dest.set &&
else
{
set(redir->_dest->flags, FW3_FAMILY_V4, redir->target);
- redir->_dest->conntrack = true;
valid = true;
}
}
projects / project / firewall3.git / blobdiff